summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
author Eric Hameleers <alien@slackware.com>2018-02-10 19:28:12 +0100
committer Eric Hameleers <alien@slackware.com>2018-02-10 19:28:12 +0100
commit0fe63e6e270c519836e79147f18523dfe7c840ca (patch)
tree6b215175c043b9a9485d9624aa348fbe56e98539
parent67910980af45b890361fe383a16db2af13d10fc8 (diff)
downloadktown-5_17.11.tar.gz
ktown-5_17.11.tar.xz
KDE 5_17.11: Fix vulnerability in plasma-workspace5_17.11
A patch was applied to mitigate CVE-2018-6791 (KDEBUG_389815).
-rw-r--r--kde/build/plasma-workspace1
-rw-r--r--kde/patch/plasma-workspace.patch3
-rw-r--r--kde/patch/plasma-workspace/plasma-workspace_kdebug389815.patch32
3 files changed, 36 insertions, 0 deletions
diff --git a/kde/build/plasma-workspace b/kde/build/plasma-workspace
new file mode 100644
index 0000000..0cfbf08
--- /dev/null
+++ b/kde/build/plasma-workspace
@@ -0,0 +1 @@
+2
diff --git a/kde/patch/plasma-workspace.patch b/kde/patch/plasma-workspace.patch
index ca71474..bbb4ab1 100644
--- a/kde/patch/plasma-workspace.patch
+++ b/kde/patch/plasma-workspace.patch
@@ -11,3 +11,6 @@
# Fixed in 5.9.0
#cat $CWD/patch/plasma-workspace/plasma-workspace.systray_cpubug.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
+# Fix vulnerability (CVE-2018-6791 - KDEBUG_389815):
+cat $CWD/patch/plasma-workspace/plasma-workspace_kdebug389815.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
+
diff --git a/kde/patch/plasma-workspace/plasma-workspace_kdebug389815.patch b/kde/patch/plasma-workspace/plasma-workspace_kdebug389815.patch
new file mode 100644
index 0000000..e2f1e48
--- /dev/null
+++ b/kde/patch/plasma-workspace/plasma-workspace_kdebug389815.patch
@@ -0,0 +1,32 @@
+From f32002ce50edc3891f1fa41173132c820b917d57 Mon Sep 17 00:00:00 2001
+From: Marco Martin <notmart@gmail.com>
+Date: Mon, 5 Feb 2018 13:12:51 +0100
+Subject: Make sure device paths are quoted
+
+in the case a vfat removable device has $() or `` in its label,
+such as $(touch foo) the quoted command may get executed,
+leaving an attack vector. Use KMacroExpander::expandMacrosShellQuote
+to make sure everything is quoted and not interpreted as a command
+
+BUG:389815
+---
+ soliduiserver/deviceserviceaction.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/soliduiserver/deviceserviceaction.cpp b/soliduiserver/deviceserviceaction.cpp
+index f49c967..738b27c 100644
+--- a/soliduiserver/deviceserviceaction.cpp
++++ b/soliduiserver/deviceserviceaction.cpp
+@@ -158,7 +158,7 @@ void DelayedExecutor::delayedExecute(const QString &udi)
+
+ QString exec = m_service.exec();
+ MacroExpander mx(device);
+- mx.expandMacros(exec);
++ mx.expandMacrosShellQuote(exec);
+
+ KRun::runCommand(exec, QString(), m_service.icon(), 0);
+ deleteLater();
+--
+cgit v0.11.2
+
+